Package details: pkg:alpm/archlinux/krb5@1.16-1
purl pkg:alpm/archlinux/krb5@1.16-1
Next non-vulnerable version 1.16.1-1
Latest non-vulnerable version 1.21.3-1
Risk 3.4
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-1h5c-cqhe-aaak
Aliases:
CVE-2018-5729
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module.
1.16.1-1
Affected by 0 other vulnerabilities.
VCID-dyyj-xzwf-aaae
Aliases:
CVE-2018-5709
An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.
1.16.1-1
Affected by 0 other vulnerabilities.
VCID-sj56-jfqf-aaar
Aliases:
CVE-2018-5730
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN string but is not hierarchically within the container DN.
1.16.1-1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T07:46:55.693602+00:00 | Arch Linux Importer | Affected by | VCID-dyyj-xzwf-aaae | https://security.archlinux.org/AVG-586 | 36.0.0 |
| 2025-03-28T07:46:55.662397+00:00 | Arch Linux Importer | Affected by | VCID-1h5c-cqhe-aaak | https://security.archlinux.org/AVG-586 | 36.0.0 |
| 2025-03-28T07:46:55.642009+00:00 | Arch Linux Importer | Affected by | VCID-sj56-jfqf-aaar | https://security.archlinux.org/AVG-586 | 36.0.0 |
| 2024-09-18T02:02:16.789692+00:00 | Arch Linux Importer | Affected by | VCID-dyyj-xzwf-aaae | https://security.archlinux.org/AVG-586 | 34.0.1 |
| 2024-09-18T02:02:16.762728+00:00 | Arch Linux Importer | Affected by | VCID-1h5c-cqhe-aaak | https://security.archlinux.org/AVG-586 | 34.0.1 |
| 2024-09-18T02:02:16.737814+00:00 | Arch Linux Importer | Affected by | VCID-sj56-jfqf-aaar | https://security.archlinux.org/AVG-586 | 34.0.1 |
| 2024-07-06T22:27:37.562025+00:00 | Arch Linux Importer | Affected by | VCID-dyyj-xzwf-aaae | https://security.archlinux.org/AVG-586 | 34.0.0rc4 |
| 2024-07-06T22:27:37.541272+00:00 | Arch Linux Importer | Affected by | VCID-1h5c-cqhe-aaak | https://security.archlinux.org/AVG-586 | 34.0.0rc4 |
| 2024-07-06T22:27:37.517569+00:00 | Arch Linux Importer | Affected by | VCID-sj56-jfqf-aaar | https://security.archlinux.org/AVG-586 | 34.0.0rc4 |
| 2024-01-03T22:28:18.736046+00:00 | Arch Linux Importer | Affected by | VCID-dyyj-xzwf-aaae | https://security.archlinux.org/AVG-586 | 34.0.0rc1 |
| 2024-01-03T22:28:18.709678+00:00 | Arch Linux Importer | Affected by | VCID-1h5c-cqhe-aaak | https://security.archlinux.org/AVG-586 | 34.0.0rc1 |
| 2024-01-03T22:28:18.688358+00:00 | Arch Linux Importer | Affected by | VCID-sj56-jfqf-aaar | https://security.archlinux.org/AVG-586 | 34.0.0rc1 |